Skip to content
This repository has been archived by the owner on Jun 2, 2022. It is now read-only.

AWS: Organizations Support #575

Open
tbugfinder opened this issue Nov 8, 2019 · 4 comments
Open

AWS: Organizations Support #575

tbugfinder opened this issue Nov 8, 2019 · 4 comments
Labels
question Further information is requested

Comments

@tbugfinder
Copy link

Use Case

As a Cloud Administrator or Security Admin I have to apply settings within all accounts and regions. There it should be possible to apply code within all member accounts or based on OUs.

Describe the Solution You Would Like

Apply code (e.g. IAM roles, Service Settings) on all Org members and regions (depending on service).

Describe Alternatives You've Considered

boto3 + python scripting
lambda deployment (e.g. awslabs)

Additional Context

N/A

@welcome
Copy link

welcome bot commented Nov 8, 2019

Thanks for opening your first issue here! We will follow up as soon as we can.

@MikaelSmith
Copy link
Contributor

Thanks for submitting this! I'd like to make sure I understand what "apply code" means, as this feels like a fairly abstract idea. Do you have examples in mind of what this interaction might look like? Alternatively, examples of what you've done with boto3 + python scripting that you could share?

@tbugfinder
Copy link
Author

Well, maybe I've a wrong understanding of wash's target.
"Apply code" was meant as e.g. an AWS API call or applying a cloudformation template to the Org or member accounts or OU(s).
This repo https://github.com/awslabs/aws-securityhub-multiaccount-scripts contains .py code as well as a cloudformation template.

@MikaelSmith
Copy link
Contributor

Ok, I'll have to think about this a bit and look at some examples.

Is the idea that you have a cloudformation template and it's an alternative to what you already do? Or that it's a different way of constructing those templates? Is applying a cloudformation template to an Org currently hard?

@MikaelSmith MikaelSmith added the question Further information is requested label Mar 3, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
question Further information is requested
Projects
None yet
Development

No branches or pull requests

2 participants